key-connector/.github/workflows/build.yml

---
name: Build

on:
  push:
    paths-ignore:
      - '.github/workflows/**'
  workflow_dispatch:

jobs:
  cloc:
    name: CLOC
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout repo
        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846

      - name: Install cloc
        run: sudo apt update && sudo apt install cloc -y

      - name: Print lines of code
        run: |
          cloc --include-lang \
          C#,SQL,Razor,"Bourne Shell",PowerShell,HTML,CSS,Sass,JavaScript,TypeScript \
          --vcs git          


  build-artifacts:
    name: Build artifacts
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout repo
        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846

      - name: Print environment
        run: |
          whoami
          dotnet --info
          echo "GitHub ref: $GITHUB_REF"
          echo "GitHub event: $GITHUB_EVENT"          

      - name: Restore/Clean service
        working-directory: ./src/KeyConnector
        run: |
          echo "Restore"
          dotnet restore
          echo "Clean"
          dotnet clean -c "Release" -o obj/build-output/publish          

      - name: Publish service
        working-directory: ./src/KeyConnector
        run: |
          echo "Publish"
          dotnet publish -c "Release" -o obj/build-output/publish
          cd obj/build-output/publish
          zip -r KeyConnector.zip .
          mv KeyConnector.zip ../../../
          pwd
          ls -atlh ../../../          

      - name: Upload service artifact
        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
        with:
          name: KeyConnector.zip
          path: ./src/KeyConnector/KeyConnector.zip
          if-no-files-found: error


  build-docker:
    name: Build Docker images
    runs-on: ubuntu-20.04
    needs: build-artifacts
    env:
      _SERVICE_NAME: key-connector
    steps:
      - name: Checkout repo
        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846

      - name: Setup DCT
        id: setup-dct
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix-rc'
        uses: bitwarden/gh-actions/setup-docker-trust@33f5410f5faac36cd8c32359fff9d2306119979a
        with:
          azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
          azure-keyvault-name: "bitwarden-ci"

      - name: Get build artifact
        uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
        with:
          name: KeyConnector.zip

      - name: Setup build artifact
        run: |
          mkdir -p ./src/KeyConnector/obj/build-output/publish
          unzip KeyConnector.zip \
            -d ./src/KeyConnector/obj/build-output/publish          

      - name: Build Docker images
        run: |
          docker build -t ${{ env._SERVICE_NAME }} \
            ./src/KeyConnector          

      - name: Tag and Push RC to Docker Hub
        if: (github.ref == 'refs/heads/rc')
        env:
          DOCKER_CONTENT_TRUST: 1
          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
        run: |
          docker tag ${{ env._SERVICE_NAME }} \
            bitwarden/${{ env._SERVICE_NAME }}:rc
          docker push bitwarden/${{ env._SERVICE_NAME }}:rc          

      - name: Tag and Push Hotfix to Docker Hub
        if: (github.ref == 'refs/heads/hotfix-rc')
        env:
          DOCKER_CONTENT_TRUST: 1
          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
        run: |
          docker tag ${{ env._SERVICE_NAME }} \
            bitwarden/${{ env._SERVICE_NAME }}:hotfix
          docker push bitwarden/${{ env._SERVICE_NAME }}:hotfix          

      - name: Tag and Push Dev to Docker Hub
        if: (github.ref == 'refs/heads/master')
        env:
          DOCKER_CONTENT_TRUST: 1
          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
        run: |
          docker tag ${{ env._SERVICE_NAME }} \
            bitwarden/${{ env._SERVICE_NAME }}:dev
          docker push bitwarden/${{ env._SERVICE_NAME }}:dev          

      - name: Log out of Docker and disable Docker Notary
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix-rc'
        run: |
          docker logout
          echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV